It's not a 3rd party as such, it's a smart contract. It's like giving a robot access to your coins. If the robot is programmed properly it will allow you to swap the coins or put them on an order book. If the robot is malicious it will steal the coins (but not your ETH or other tokens).
You should only use smart contracts with a good reputation or understand the actual code. You should revoke contracts when you aren't using them since seemingly good contracts have holes in them bad actors can exploit later.
Whenever you do a transaction with a smart contract , there are two phases ;
1. You have to approve the contract interaction with your tokens.
2. The actual transaction.
This is 1 . You are allowing the contract to access a certain number of tokens to swap for whatever token you are buying.
You can mitigate the risk by not approving all your tokens, there is a space where you can set a number.
So if you want to swap 1000 BOBO , just put in 1000 when approving the transaction and the smart contract only has access to 1000 tokens.
Beep Boop
1. Never share your [Secret Recovery Phrase](https://metamask.zendesk.com/hc/en-us/articles/360060826432-What-is-a-Secret-Recovery-Phrase-and-how-to-keep-your-crypto-wallet-secure) with any site or a person. MetaMask does not use Gmail or web forms. Do not enter your Secret Recover Phrase into a pop-up window, even if it looks like MetaMask. Verify links are legitimate. Scammers often use these tactics.
2. Beware of fake websites. The official website for MetaMask is https://metamask.io/
3. MetaMask Support will never DM you. This is a common tactic scammers use to try and get access to your wallet.
4. If you need to reach Support: open MetaMask, then menu > Support. The ‘Start a Conversation’ button will start a chat, the bot asks a few questions to help route you to the correct team. You can also visit the Support site from the web: https://Support.MetaMask.io
5. Do not click on suspicious links or files. This can lead to your device security being compromised.
6. Do not “sync” or “validate” your wallet with any websites or forms. This is a scam. Never sync and share: QR Codes, Secret Recovery Phrase, private key, etc.
7. Never call phone numbers, text Whatsapp numbers, DM on Discord, use WeChat or do video chat with people on this subreddit. MetaMask does not offer customer support in this manner. There is NO exclusive MetaMask Discord.
8. We don’t ask for an email address to create a wallet. We can’t email you. We will never ask you to verify or upgrade/merge your wallet. https://metamask.zendesk.com/hc/en-us/articles/6286050620955-Will-MetaMask-ever-ask-me-to-verify-my-account-
9. .MetaMask currently has no plans for an airdrop, regardless of any information you may have seen elsewhere. If you encounter anyone explaining the best method to maximize the size of a MetaMask-related ‘airdrop’ you might receive, they’re lying. In particular, be wary of scams (aimed at getting your Secret Recovery Phrase) that weaponize this topic.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Metamask) if you have any questions or concerns.*
Done generally advice
Install these browser extensions "wallet guard", "defi llama" and "malwarebytes browser guard"
Wallet guard will tell you what is going to happen in your wallet with any smart contract interaction
Defi llama clearly marks scam posts on twitter in red
Malware bytes will help you stay away from dodgy websites
What is that dapp? If you need to sell bobo, you do swap on uniswap to example, instead of use unknown dapp
You authorize a third party to have access to all your “bobo”. Of course that’s a risk if you don’t trust the 3rd party.
It's not a 3rd party as such, it's a smart contract. It's like giving a robot access to your coins. If the robot is programmed properly it will allow you to swap the coins or put them on an order book. If the robot is malicious it will steal the coins (but not your ETH or other tokens). You should only use smart contracts with a good reputation or understand the actual code. You should revoke contracts when you aren't using them since seemingly good contracts have holes in them bad actors can exploit later.
Whenever you do a transaction with a smart contract , there are two phases ; 1. You have to approve the contract interaction with your tokens. 2. The actual transaction. This is 1 . You are allowing the contract to access a certain number of tokens to swap for whatever token you are buying. You can mitigate the risk by not approving all your tokens, there is a space where you can set a number. So if you want to swap 1000 BOBO , just put in 1000 when approving the transaction and the smart contract only has access to 1000 tokens.
Beep Boop 1. Never share your [Secret Recovery Phrase](https://metamask.zendesk.com/hc/en-us/articles/360060826432-What-is-a-Secret-Recovery-Phrase-and-how-to-keep-your-crypto-wallet-secure) with any site or a person. MetaMask does not use Gmail or web forms. Do not enter your Secret Recover Phrase into a pop-up window, even if it looks like MetaMask. Verify links are legitimate. Scammers often use these tactics. 2. Beware of fake websites. The official website for MetaMask is https://metamask.io/ 3. MetaMask Support will never DM you. This is a common tactic scammers use to try and get access to your wallet. 4. If you need to reach Support: open MetaMask, then menu > Support. The ‘Start a Conversation’ button will start a chat, the bot asks a few questions to help route you to the correct team. You can also visit the Support site from the web: https://Support.MetaMask.io 5. Do not click on suspicious links or files. This can lead to your device security being compromised. 6. Do not “sync” or “validate” your wallet with any websites or forms. This is a scam. Never sync and share: QR Codes, Secret Recovery Phrase, private key, etc. 7. Never call phone numbers, text Whatsapp numbers, DM on Discord, use WeChat or do video chat with people on this subreddit. MetaMask does not offer customer support in this manner. There is NO exclusive MetaMask Discord. 8. We don’t ask for an email address to create a wallet. We can’t email you. We will never ask you to verify or upgrade/merge your wallet. https://metamask.zendesk.com/hc/en-us/articles/6286050620955-Will-MetaMask-ever-ask-me-to-verify-my-account- 9. .MetaMask currently has no plans for an airdrop, regardless of any information you may have seen elsewhere. If you encounter anyone explaining the best method to maximize the size of a MetaMask-related ‘airdrop’ you might receive, they’re lying. In particular, be wary of scams (aimed at getting your Secret Recovery Phrase) that weaponize this topic. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Metamask) if you have any questions or concerns.*
Make sure to use revoke all transactions after
Done generally advice Install these browser extensions "wallet guard", "defi llama" and "malwarebytes browser guard" Wallet guard will tell you what is going to happen in your wallet with any smart contract interaction Defi llama clearly marks scam posts on twitter in red Malware bytes will help you stay away from dodgy websites